Commit 661b6fe5 by RuoYi

管理员用户&角色不允许操作

parent ac97d15a
......@@ -26,7 +26,7 @@
10. 登录日志:系统登录日志记录查询包含登录异常。
11. 在线用户:当前系统中活跃用户状态监控。
12. 定时任务:在线(添加、修改、删除)任务调度包含执行结果日志。
13. 代码生成:前后端代码的生成(java、html、xml、sql)支持CRUD下载 。
13. 代码生成:前后端代码的生成(java、html、xml、sql支持CRUD下载 。
14. 系统接口:根据业务代码自动生成相关的api接口文档。
15. 服务监控:监视当前系统CPU、内存、磁盘、堆栈等相关信息。
16. 在线构建器:拖动表单元素生成相应的HTML代码。
......
......@@ -121,6 +121,7 @@ public class SysRoleController extends BaseController
@ResponseBody
public AjaxResult editSave(@Validated SysRole role)
{
roleService.checkRoleAllowed(role);
if (UserConstants.ROLE_NAME_NOT_UNIQUE.equals(roleService.checkRoleNameUnique(role)))
{
return error("修改角色'" + role.getRoleName() + "'失败,角色名称已存在");
......@@ -153,6 +154,7 @@ public class SysRoleController extends BaseController
@ResponseBody
public AjaxResult authDataScopeSave(SysRole role)
{
roleService.checkRoleAllowed(role);
role.setUpdateBy(ShiroUtils.getLoginName());
if (roleService.authDataScope(role) > 0)
{
......@@ -216,6 +218,7 @@ public class SysRoleController extends BaseController
@ResponseBody
public AjaxResult changeStatus(SysRole role)
{
roleService.checkRoleAllowed(role);
return toAjax(roleService.changeStatus(role));
}
......
......@@ -18,7 +18,6 @@ import com.ruoyi.common.core.controller.BaseController;
import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.core.page.TableDataInfo;
import com.ruoyi.common.enums.BusinessType;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.poi.ExcelUtil;
import com.ruoyi.framework.shiro.service.SysPasswordService;
import com.ruoyi.framework.util.ShiroUtils;
......@@ -159,11 +158,8 @@ public class SysUserController extends BaseController
@ResponseBody
public AjaxResult editSave(@Validated SysUser user)
{
if (StringUtils.isNotNull(user.getUserId()) && SysUser.isAdmin(user.getUserId()))
{
return error("不允许修改超级管理员用户");
}
else if (UserConstants.USER_PHONE_NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
userService.checkUserAllowed(user);
if (UserConstants.USER_PHONE_NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
{
return error("修改用户'" + user.getLoginName() + "'失败,手机号码已存在");
}
......@@ -190,6 +186,7 @@ public class SysUserController extends BaseController
@ResponseBody
public AjaxResult resetPwdSave(SysUser user)
{
userService.checkUserAllowed(user);
user.setSalt(ShiroUtils.randomSalt());
user.setPassword(passwordService.encryptPassword(user.getLoginName(), user.getPassword(), user.getSalt()));
if (userService.resetUserPwd(user) > 0)
......@@ -258,6 +255,7 @@ public class SysUserController extends BaseController
@ResponseBody
public AjaxResult changeStatus(SysUser user)
{
userService.checkUserAllowed(user);
return toAjax(userService.changeStatus(user));
}
}
\ No newline at end of file
......@@ -5,7 +5,6 @@ import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import javax.sql.DataSource;
import org.apache.ibatis.io.VFS;
import org.apache.ibatis.session.SqlSessionFactory;
import org.mybatis.spring.SqlSessionFactoryBean;
......
......@@ -19,7 +19,6 @@ import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import com.ruoyi.common.exception.user.CaptchaException;
import com.ruoyi.common.exception.user.RoleBlockedException;
import com.ruoyi.common.exception.user.UserBlockedException;
......
......@@ -52,6 +52,16 @@ public class SysRole extends BaseEntity
/** 部门组(数据权限) */
private Long[] deptIds;
public SysRole()
{
}
public SysRole(Long roleId)
{
this.roleId = roleId;
}
public Long getRoleId()
{
return roleId;
......@@ -62,6 +72,16 @@ public class SysRole extends BaseEntity
this.roleId = roleId;
}
public boolean isAdmin()
{
return isAdmin(this.roleId);
}
public static boolean isAdmin(Long roleId)
{
return roleId != null && 1L == roleId;
}
public String getDataScope()
{
return dataScope;
......
......@@ -93,6 +93,16 @@ public class SysUser extends BaseEntity
/** 岗位组 */
private Long[] postIds;
public SysUser()
{
}
public SysUser(Long userId)
{
this.userId = userId;
}
public Long getUserId()
{
return userId;
......
......@@ -109,6 +109,13 @@ public interface ISysRoleService
public String checkRoleKeyUnique(SysRole role);
/**
* 校验角色是否允许操作
*
* @param role 角色信息
*/
public void checkRoleAllowed(SysRole role);
/**
* 通过角色ID查询角色使用数量
*
* @param roleId 角色ID
......@@ -123,6 +130,7 @@ public interface ISysRoleService
* @return 结果
*/
public int changeStatus(SysRole role);
/**
* 取消授权用户角色
*
......@@ -139,7 +147,7 @@ public interface ISysRoleService
* @return 结果
*/
public int deleteAuthUsers(Long roleId, String userIds);
/**
* 批量选择授权用户角色
*
......
......@@ -140,6 +140,13 @@ public interface ISysUserService
public String checkEmailUnique(SysUser user);
/**
* 校验用户是否允许操作
*
* @param user 用户信息
*/
public void checkUserAllowed(SysUser user);
/**
* 根据用户ID查询用户所属角色组
*
* @param userId 用户ID
......
......@@ -150,6 +150,7 @@ public class SysRoleServiceImpl implements ISysRoleService
Long[] roleIds = Convert.toLongArray(ids);
for (Long roleId : roleIds)
{
checkRoleAllowed(new SysRole(roleId));
SysRole role = selectRoleById(roleId);
if (countUserRoleByRoleId(roleId) > 0)
{
......@@ -294,6 +295,19 @@ public class SysRoleServiceImpl implements ISysRoleService
}
/**
* 校验角色是否允许操作
*
* @param role 角色信息
*/
public void checkRoleAllowed(SysRole role)
{
if (StringUtils.isNotNull(role.getRoleId()) && role.isAdmin())
{
throw new BusinessException("不允许操作超级管理员角色");
}
}
/**
* 通过角色ID查询角色使用数量
*
* @param roleId 角色ID
......
......@@ -167,10 +167,7 @@ public class SysUserServiceImpl implements ISysUserService
Long[] userIds = Convert.toLongArray(ids);
for (Long userId : userIds)
{
if (SysUser.isAdmin(userId))
{
throw new BusinessException("不允许删除超级管理员用户");
}
checkUserAllowed(new SysUser(userId));
}
return userMapper.deleteUserByIds(userIds);
}
......@@ -346,6 +343,19 @@ public class SysUserServiceImpl implements ISysUserService
}
/**
* 校验用户是否允许操作
*
* @param user 用户信息
*/
public void checkUserAllowed(SysUser user)
{
if (StringUtils.isNotNull(user.getUserId()) && user.isAdmin())
{
throw new BusinessException("不允许操作超级管理员用户");
}
}
/**
* 查询用户所属角色组
*
* @param userId 用户ID
......@@ -465,10 +475,6 @@ public class SysUserServiceImpl implements ISysUserService
@Override
public int changeStatus(SysUser user)
{
if (SysUser.isAdmin(user.getUserId()))
{
throw new BusinessException("不允许修改超级管理员用户");
}
return userMapper.updateUser(user);
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment